Lucene search
Erwan LR (WPScan)WPVDB-ID:2CBABDE8-1E3E-4205-8A5C-B889447236A0HistoryMar 11, 2024 - 12:00 a.m.
WooCommerce Product Filter < 1.4.4 - Admin+ Stored XSS
2024-03-1100:00:00
Erwan LR (WPScan)
wpscan.com
7
woocommerce product filter
stored xss
admin
cross-site scripting
high privilege users
unfiltered html
multisite setup
vulnerability
security issue
woocommerce.
Description The plugin does not sanitise and escape some of its Filters settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
PoC
As and admin, create a filter with the following payload as name: "> The XSS will be triggered in the Product Filters table (ie /wp-admin/admin.php?page=wpf_search)
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 1.4.4 |
Related
cvelist
cvelist
CVE-2024-2278 WooCommerce Product Filter < 1.4.4 - Admin+ Stored XSS
2024-04-01 05:00:02
cve
cve
CVE-2024-2278
2024-04-01 05:15:08
nvd
nvd
CVE-2024-2278
2024-04-01 05:15:08
wpexploit
wpexploit
WooCommerce Product Filter < 1.4.4 - Admin+ Stored XSS
2024-03-11 00:00:00
4.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
8.9%
Related for WPVDB-ID:2CBABDE8-1E3E-4205-8A5C-B889447236A0